PECB


LEAD-AUDITOR Question #103: Real Exam Question with Answer & Explanation


Question

You are carrying out your first third-party ISMS surveillance audit as an Audit Team Leader. You are presently in the auditee's data centre with another member of your audit team. You are currently in a large room that is subdivided into several smaller rooms, each of which has a numeric combination lock and swipe card reader on the door. You notice two external contractors using a swipe card and combination number provided by the centre's reception desk to gain access to a client's suite to carry out authorised electrical repairs. You go to reception and ask to see the door access record for the client's suite. This indicates only one card was swiped. You ask the receptionist and they reply, "Yes, it's a common problem. We ask everyone to swipe their cards but with contractors especially, one tends to swipe and the rest simply 'tailgate' their way in, but we know who they are from the reception sign-in." Based on the scenario above, which one of the following actions would you now take?

Options

  • A. Raise an opportunity for improvement to have a large sign in reception reminding everyone
  • B. Determine whether any additional effective arrangements are in place to verify individual access to
  • C. Raise a nonconformity against control A.7.1 'security perimeters' as a secure area is not adequately
  • D. Raise a nonconformity against control A.7.6 'working in secure areas' as security measures for
  • E. Raise a nonconformity against control A.5.20 'addressing information security in supplier
  • F. Raise an opportunity for improvement that contractors must be accompanied at all times when
